Client Authentication



I am certain that several clients use OpenLDAP for authentication. I have a few questions regarding client authentication via SSL/TLS.

In the case where the signature of the server certificate does not match the signature of one of our CA certificates, we cannot declare that the certificate is trusted. That is when we ask the user whether or not we should trust this certificate.

- I can't find any OpenLDAP API to get server certificate information. Does that mean I have to use OpenSSL API to get server certificate information?

- How do I determine from OpenLDAP that my bind has failed because the signature of the server certificate does not match the signature of one of our CA certificates? Is there any return error code that would determine that?

Thanks
Sangita